- Call to order
- Roll call
- Agenda bashing
- Organization updates
|5 min||WG Motions |
|30 min||Discussion on document drafting||Corné|
The draft is in a Google doc - feel free to comment - Chairs and Editor will control acceptance of material.
Reminders from prior meetings:
- Set a deadline for our work - EIC Munich in May
- Corné will start with 2 streams: BP-1 (Consent Definition) and BP-2 (Privacy Notice)
- Looking for writing partners to build content
- Corné gave an overview of the process steps iWelcome goes through during customer workshops.
- The workshops deal with Information Management, data flows, and eventually what user consents are required by the customer systems.
- They talk about the customer journey (UI and consumer facing) and the iWelcome digital platform (API and platform facing)
- Definethe data model, the data processing purposes and consumer control capabilities
- They discover the mandatory minimum data to deliver the service; data processed under other legal bases (collection is permitted but not mandatory); voluntary data where consent is needed
- Q: Noted that "workforce" is listed in the first slide - do the workshops cover employee data? Normally the workshops are directed at the 'consumer' interaction.
- ACTION: The Employee use case should be covered in the consent use cases.
- They work through the customer journey to define the data model - registration and initial data collection, data collection at later stages
- The process highlights where additional data is wanted by the company but is not in the data model - requires further analysis by the team
- The workshop then defined processing purposes for each of Mandatory, Other legal basis, and Voluntary data collection/processing
- Note that these analysis processes are independent of the specific architecture implemented
- Corné showed how the metadata could be used to give transparency and user controls in the mobile UI
- Q: Should there be a "consent notice" in addition to the "privacy notice"?
- Patterns that we should analyse
- One time data collection, single use
- One time data collection, multiple use
- Periodic data collection
- 'Continuous' data collection from a data connection
|FYI||Discussion on the Interview Questions||All|
The first draft of the interview questions is in a Google doc - please comment.
|5 min||Upcoming conferences and events||Andrew|
Events that Kantara will have an active role: https://kantarainitiative.org/events/
- Corné presented a draft WG timeline leading up to EIC in May
- At the Kantara member member meeting - Paul Knowles presented the Blinding Identity Taxonomy and Schema Overlays - put on the agenda for a future meeting
Next WG meeting Wednesday, November 21, 2018 10:00 Eastern Standard Time / 14:00 GMT